/// <summary> /// Creates a connection to KProcessHacker. /// </summary> /// <param name="deviceName">The name of the KProcessHacker service and device.</param> public KProcessHacker2(string deviceName) { _deviceName = deviceName; try { _fileHandle = new FileHandle( @"\Device\" + deviceName, 0, FileAccess.GenericRead | FileAccess.GenericWrite ); } catch (WindowsException ex) { if ( ex.Status == NtStatus.NoSuchDevice || ex.Status == NtStatus.NoSuchFile || ex.Status == NtStatus.ObjectNameNotFound ) { LoadService(); } else { throw ex; } } _fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose); _features = this.KphGetFeatures(); }
public KProcessHacker(string deviceName, string fileName) { _deviceName = deviceName; if (IntPtr.Size != 4) throw new NotSupportedException("KProcessHacker does not support 64-bit Windows."); try { _fileHandle = new FileHandle( @"\Device\" + deviceName, 0, FileAccess.GenericRead | FileAccess.GenericWrite ); } catch (WindowsException ex) { if ( ex.Status == NtStatus.NoSuchDevice || ex.Status == NtStatus.NoSuchFile || ex.Status == NtStatus.ObjectNameNotFound ) { ServiceHandle shandle; using (var scm = new ServiceManagerHandle(ScManagerAccess.CreateService)) { shandle = scm.CreateService( deviceName, deviceName, ServiceType.KernelDriver, fileName ); shandle.Start(); } try { _fileHandle = new FileHandle( @"\Device\" + deviceName, 0, FileAccess.GenericRead | FileAccess.GenericWrite ); } finally { shandle.Delete(); } } else { throw ex; } } _fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose); byte[] bytes = _fileHandle.Read(4); fixed (byte* bytesPtr = bytes) _baseControlNumber = *(uint*)bytesPtr; try { _features = this.GetFeatures(); } catch { } }
/// <summary> /// Creates a connection to KProcessHacker. /// </summary> /// <param name="deviceName">The name of the KProcessHacker service and device.</param> /// <param name="fileName">The file name of the KProcessHacker driver.</param> public KProcessHacker(string deviceName, string fileName) { _deviceName = deviceName; if (OSVersion.Architecture != OSArch.I386) throw new NotSupportedException("KProcessHacker does not support 64-bit Windows."); try { _fileHandle = new FileHandle( @"\Device\" + deviceName, 0, FileAccess.GenericRead | FileAccess.GenericWrite ); } catch (WindowsException ex) { if ( ex.Status == NtStatus.NoSuchDevice || ex.Status == NtStatus.NoSuchFile || ex.Status == NtStatus.ObjectNameNotFound ) { // Attempt to load the driver, then try again. ServiceHandle shandle; bool created = false; try { using (shandle = new ServiceHandle("KProcessHacker", ServiceAccess.Start)) { shandle.Start(); } } catch { using (var scm = new ServiceManagerHandle(ScManagerAccess.CreateService)) { shandle = scm.CreateService( deviceName, deviceName, ServiceType.KernelDriver, fileName ); shandle.Start(); created = true; } } try { _fileHandle = new FileHandle( @"\Device\" + deviceName, 0, FileAccess.GenericRead | FileAccess.GenericWrite ); } finally { if (shandle != null) { if (created) { // The SCM will delete the service when it is stopped. shandle.Delete(); } shandle.Dispose(); } } } else { throw ex; } } _fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose); byte[] bytes = _fileHandle.Read(4); fixed (byte* bytesPtr = bytes) _baseControlNumber = *(uint*)bytesPtr; try { _features = this.GetFeatures(); } catch { } }
/// <summary> /// Creates a connection to KProcessHacker. /// </summary> /// <param name="deviceName">The name of the KProcessHacker service and device.</param> /// <param name="fileName">The file name of the KProcessHacker driver.</param> public KProcessHacker(string deviceName, string fileName) { _deviceName = deviceName; if (IntPtr.Size != 4) { throw new NotSupportedException("KProcessHacker does not support 64-bit Windows."); } try { _fileHandle = new FileHandle( @"\Device\" + deviceName, 0, FileAccess.GenericRead | FileAccess.GenericWrite ); } catch (WindowsException ex) { if ( ex.Status == NtStatus.NoSuchDevice || ex.Status == NtStatus.NoSuchFile || ex.Status == NtStatus.ObjectNameNotFound ) { // Attempt to load the driver, then try again. ServiceHandle shandle; bool created = false; try { using (shandle = new ServiceHandle("KProcessHacker", ServiceAccess.Start)) { shandle.Start(); } } catch { using (var scm = new ServiceManagerHandle(ScManagerAccess.CreateService)) { shandle = scm.CreateService( deviceName, deviceName, ServiceType.KernelDriver, fileName ); shandle.Start(); created = true; } } try { _fileHandle = new FileHandle( @"\Device\" + deviceName, 0, FileAccess.GenericRead | FileAccess.GenericWrite ); } finally { if (shandle != null) { if (created) { // The SCM will delete the service when it is stopped. shandle.Delete(); } shandle.Dispose(); } } } else { throw ex; } } _fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose); byte[] bytes = _fileHandle.Read(4); fixed(byte *bytesPtr = bytes) _baseControlNumber = *(uint *)bytesPtr; try { _features = this.GetFeatures(); } catch { } }